SANS @Night

BoF (Birds of a Feather Session)

- Secure Programming
- Saturday, March 31st: 6:00pm - 6:50pm

Sign up to chat with Alan Paller & Mason Brown!
(Sign up sheet on the bulletin board by the SANS Registration Desk)

NIST Log Management Guide in the Real World

- Wednesday, April 4th: 7:00pm - 8:00pm
- Anton Chuvakin

This presentation will introduce the first ever standard on log management — NIST 800 — 92 guide. It will then offer a guide walk through to highlight the critical areas of standardization. The majority of the remaining time will be spent on explaining how to use the guide in the real world if you are a security manager or a security pro.

Dr. Anton Chuvakin, GCIA, GCIH, GCFA (www.chuvakin.org) is a recognized security expert and book author. He currently works as a Director of Product Management with LogLogic, a log management and intelligence company. He was previously a Chief Security Strategist with a security information management company.

A frequent conference speaker, he also represents the company at various security meetings and standards organizations. He is an author of a book Security Warrior and a contributor to Know Your Enemy IT , Information Security Management Handbook , Hacker's Challenge 3 and the upcoming book on PCI. Anton also published numerous papers on a broad range of security subjects. In his spare time he maintains his security portal www.info-secure.org and several blogs.

More Than a Microsoft World

- Wednesday, April 4th: 8:00pm - 9:00pm
- Marc Maiffret, eEye Digital Security's Co-Founder/CTO and Chief Hacking Officer

While Microsoft has long been the primary target for criminals looking to exploit system vulnerabilities, now other applications such as Systems Management, QuickTime, iTunes and even security applications from companies like Symantec and McAfee are being used as a means of entry into the network.

eEye's research team has identified these exploits as part of a growing trend of attacks that target consumer-oriented applications rather than the operating system itself, as well as bypass network-level security technologies traditionally used by organizations, including IDS gateways or gateway-based anti-virus systems. Now, applications like QuickTime or iTunes can represent a threat to the network's integrity. The reason is simple — Since Microsoft has been the dominant OS with the largest installed base, hackers naturally targeted it. However, as Microsoft has steadily improved its approach to security, criminals are looking to other "low hanging fruit." And they've had 5 whole years to practice against Microsoft, which means many applications are more vulnerable than ever. As an additional bonus Maiffret will demonstrate that although Microsoft has progressed in security they are not perfect. To help illustrate this fact Maiffret will be demonstrating live hacking a Windows Vista system with Office 2007.

Marc Maiffret — eEye Digital Security's Co-Founder/CTO and Chief Hacking Officer As eEye Digital Security's Co-Founder/CTO and Chief Hacking Officer, Marc Maiffret has been a driving force in the vision and continuous innovation for eEye's product development and vulnerability research efforts since the company's inception in 1998. Long regarded as a security expert and thought leader in vulnerability assessment and endpoint security, Marc Maiffret also leads the efforts of eEye's world renowned Research Team. In addition, Mr. Maiffret speaks regularly on the state of security across the globe, including several appearances before Congress, where he has testified on information policies and security threats posed to both public and private infrastructures. Mr. Maiffret's role in vulnerability research, education and product innovation has been reflected in the numerous awards and distinguishments that eEye Digital Security continuously receives.

>>Register now for More Than a Microsoft World